Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/B5BL_MLx2LN-tOhUbyY4eF7kVQw.roa
File:                     B5BL_MLx2LN-tOhUbyY4eF7kVQw.roa (raw, json)
Hash identifier:          kbgRg8ZwUji9dPreJ4QZOvNLixTZaF4JchXU7XV7mcs=
Subject key identifier:   07:90:4B:FC:C2:F1:D8:B3:7E:B4:E8:54:6F:26:38:78:5E:E4:55:0C
Certificate issuer:       /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial:       01856C1CA12884698E64124165E8A8064E83
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/B5BL_MLx2LN-tOhUbyY4eF7kVQw.roa
Signing time:             Sun 01 Jan 2023 06:54:53 +0000
ROA not before:           Sun 01 Jan 2023 06:54:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203098
IP address blocks:        93.118.38.0/24 maxlen: 24
                          43.230.56.0/23 maxlen: 23
                          43.230.58.0/23 maxlen: 23
                          89.42.8.0/24 maxlen: 24
                          94.176.106.0/24 maxlen: 24
                          103.49.84.0/22 maxlen: 22
                          89.43.32.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:1c:a1:28:84:69:8e:64:12:41:65:e8:a8:06:4e:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
        Validity
            Not Before: Jan  1 06:54:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=07904bfcc2f1d8b37eb4e8546f2638785ee4550c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:e6:6d:4e:dd:1c:b8:a9:9b:68:43:30:1f:45:
                    5d:f0:a3:e0:10:df:d1:a8:07:6a:bc:32:84:90:9b:
                    ea:11:87:81:e0:f6:46:3d:41:da:0c:a7:57:ad:9a:
                    c9:5c:3d:05:d1:a0:11:f4:bf:06:79:28:e5:96:85:
                    18:2a:9a:9c:fc:b5:f6:ee:58:1a:a6:ff:f9:49:98:
                    4d:47:21:12:07:d4:99:75:0f:2b:61:40:59:d0:59:
                    ad:57:4a:0d:0d:46:35:95:03:78:0b:6e:d6:bf:4f:
                    db:00:02:c9:e5:45:65:4c:cd:28:34:be:ca:84:97:
                    b5:c3:b3:18:d7:63:95:82:1c:9c:f3:7a:97:db:37:
                    fe:c1:4b:7d:1e:3c:32:fb:f7:d4:09:f3:12:c9:e0:
                    ee:e5:7d:3f:64:e3:aa:da:45:1d:32:00:84:aa:a9:
                    20:82:2c:d9:27:99:ad:b4:71:3c:db:25:c9:9b:76:
                    18:39:5d:b5:76:2a:cb:e0:1c:a5:51:79:e6:ee:8b:
                    5c:cf:74:65:8a:56:c8:49:2e:45:e7:76:3a:cc:4c:
                    8b:b0:e7:33:0f:11:b1:8c:5d:11:68:03:20:d8:d9:
                    cf:7a:ad:64:ac:6a:fe:84:4a:97:2b:a5:41:b5:34:
                    0f:2a:2c:b3:d8:bb:81:69:b4:79:e0:57:b8:1e:7f:
                    e5:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:90:4B:FC:C2:F1:D8:B3:7E:B4:E8:54:6F:26:38:78:5E:E4:55:0C
            X509v3 Authority Key Identifier:
                keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/B5BL_MLx2LN-tOhUbyY4eF7kVQw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.230.56.0/22
                  89.42.8.0/24
                  89.43.32.0/24
                  93.118.38.0/24
                  94.176.106.0/24
                  103.49.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:06:57:54:09:dc:3a:0e:c5:53:ff:87:80:3c:6f:cd:62:eb:
         1b:17:ef:ae:c7:9d:e3:62:df:20:4d:38:4c:12:09:5f:c7:28:
         e1:dd:ae:5a:f7:6e:ec:a6:2a:56:d7:33:9a:ca:06:c3:7b:0e:
         91:94:d4:33:99:18:7c:f1:f5:17:7c:c2:52:b8:0b:dc:4a:14:
         9b:3e:03:4b:22:b7:af:65:6c:87:d4:86:e8:05:cf:29:46:56:
         ea:46:75:93:22:2b:fb:7b:71:b1:e6:6c:aa:ea:82:32:92:68:
         ce:43:4b:f0:88:f3:03:c5:67:08:e6:50:f0:05:ca:e2:fb:6a:
         fc:71:07:8b:42:05:03:4e:0d:49:f3:bd:b0:28:e4:95:88:de:
         ba:d7:93:43:a1:f8:9c:f6:b7:7d:ca:29:b9:08:47:13:e9:84:
         db:f2:83:e5:8c:8a:f5:cb:8c:55:0f:b2:4f:32:58:b7:b9:33:
         37:69:e1:20:00:36:0e:70:ae:ee:fa:a8:03:1e:24:c3:25:16:
         db:62:8e:72:92:23:f4:95:bf:cd:3f:89:e3:f8:01:02:f1:53:
         e8:63:67:5e:fc:32:d7:26:3e:06:ed:ff:72:6c:85:3a:ab:1b:
         25:6a:57:a4:35:ed:89:2a:dd:a0:57:7c:87:30:a9:42:e9:64:
         3e:68:44:8c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVsHKEohGmOZBJBZeioBk6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjMwMTAxMDY1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzkwNGJmY2MyZjFkOGIzN2ViNGU4NTQ2ZjI2Mzg3ODVlZTQ1NTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+ZtTt0cuKmbaEMwH0Vd8KPgEN/R
qAdqvDKEkJvqEYeB4PZGPUHaDKdXrZrJXD0F0aAR9L8GeSjlloUYKpqc/LX27lga
pv/5SZhNRyESB9SZdQ8rYUBZ0FmtV0oNDUY1lQN4C27Wv0/bAALJ5UVlTM0oNL7K
hJe1w7MY12OVghyc83qX2zf+wUt9Hjwy+/fUCfMSyeDu5X0/ZOOq2kUdMgCEqqkg
gizZJ5mttHE82yXJm3YYOV21dirL4BylUXnm7otcz3RlilbISS5F53Y6zEyLsOcz
DxGxjF0RaAMg2NnPeq1krGr+hEqXK6VBtTQPKiyz2LuBabR54Fe4Hn/ljQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAeQS/zC8dizfrToVG8mOHhe5FUMMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvQjVCTF9NTHgyTE4tdE9oVWJ5WTRlRjdrVlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCK+Y4AwQA
WSoIAwQAWSsgAwQAXXYmAwQAXrBqAwQCZzFUMA0GCSqGSIb3DQEBCwUAA4IBAQBO
BldUCdw6DsVT/4eAPG/NYusbF++ux53jYt8gTThMEglfxyjh3a5a927spipW1zOa
ygbDew6RlNQzmRh88fUXfMJSuAvcShSbPgNLIrevZWyH1IboBc8pRlbqRnWTIiv7
e3Gx5myq6oIykmjOQ0vwiPMDxWcI5lDwBcri+2r8cQeLQgUDTg1J872wKOSViN66
15NDofic9rd9yim5CEcT6YTb8oPljIr1y4xVD7JPMli3uTM3aeEgADYOcK7u+qgD
HiTDJRbbYo5ykiP0lb/NP4nj+AEC8VPoY2de/DLXJj4G7f9ybIU6qxslalekNe2J
Kt2gV3yHMKlC6WQ+aESM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:35 2024 by rpki-client on console-ams.rpki-client.org